Fun

News Feed - 2023-09-11 10:09:19

Brayden Lindrea7 hours agoLido assures LDO, stETH tokens remain safe despite flaw in token contractThe “fake deposit” attack enables bad actors to execute a transfer where the requested value is larger than what the user actually owns.2581 Total views21 Total sharesListen to article 0:00NewsJoin us on social networksEthereum staking protocol Lido Finance has assured both Lido DAO (LDO) and staked-Ether (stETH) tokens remain safe despite hackers allegedly exploiting a known security flaw in LDO’s token contract.


Lido didn’t confirm any exploits, but acknowledged the security flaw was known and reassured LDO and stETH funds remain safe in response to a Sept. 10 post by blockchain security firm SlowMist.


SlowMist said LDO’s flawed token contract allows bad actors to facilitate “fake deposit” attacks on exchanges because LDO’s token contract enables users to execute transactions even where they don’t have sufficient funds. This code deviates from the Ethereum Request for Comment 20 (ERC-20) token standard, according to SlowMist.


However, Lido Finance argued the flaw is built into all ERC-20 tokens — not just Lido’s LDO token:This behaviour is expected and conforms to the ERC20 token standard (see tweet below). Both LDO and stETH (and Lido governance) remain safe.

Lido token integration guides will be updated with LDO specifics to make this more visible shortly.— Lido (@LidoFinance) September 10, 2023


SlowMist said the “fake deposit” attacks came from LDO’s token contract executing transfers where the value is larger than what the user actually owns, triggering a false return as opposed to reverting the transaction. While the firm said Lido’s token contract has recently been exploited via this attack, no on-chain evidence was provided.


Cointelegraph reached out to SlowMist for comment but did not receive an immediate response.


Meanwhile, on-chain analyst “Hercules” explained on Sept. 10 that the security flaw may not be picked up by cryptocurrency exchanges.


SlowMist recommends LDO holders to also check the return values of the token contract transfers in addition to the success or failure of a transaction.


The blockchain security firm concluded that token contract implementations and behaviors vary by project and to conduct comprehensive testing before integrating any new tokens.


Related:Ethereum staking services agree to 22% limit of all validators


However, Lido highlighted in the official Ethereum Improvement Proposal document — co-authored by Vitalik Buterin in November 2015 — that both the “transfer” and “transferFrom” functions must return the transfer status and are only recommended to revert a transaction in exceptional cases.ERC20 token standard: https://t.co/YlrS1ZN6Fd

1) Both transfer and transferFrom are required to return transfer status and are only recommended to revert a tx in exceptional cases.

2) The standard says that a caller is obliged to check the return status (see 'Token methods'). pic.twitter.com/6KTcIyxo2F— Lido (@LidoFinance) September 10, 2023


To resolve the security flaw, Lido confirmed that the LDO token integration guides will soon be updated.


Collect this article as an NFTto preserve this moment in history and show your support for independent journalism in the crypto space.


Magazine:DeFi Dad, Hall of Flame: Ethereum is ‘woefully undervalued’ but growing more powerful# Altcoin# Security# Ethereum# Hackers# DAO# ERC-20# DeFi# Staking# Lido DAOAdd reactionAdd reactionRead moreHow to actually spend your Bitcoin, ExplainedCrypto VC: Risk and investment strategies with Shima CapitalHuman vs. AI: Who is better at crypto investing?

News Feed
Bitcoin halving could be a ‘sell-the-news’ event, at least for a few months
Nancy Lubale3 hours agoBitcoin halving could be a ‘sell-the-news’ event, at least for a few monthsAnalysts say Bitcoin’s halving could be a sell-the-news event as short-term speculators and BTC ETF purchasers book
2024-04-09 05:56 AM
Mnuchin Affirms $1.5 Trillion Unaccounted For, Still Demands Strict Bitcoin Regulation
Mnuchin Affirms $1.5 Trillion Unaccounted For, Still Demands Strict Bitcoin Regulation U.S. Treasury Secretary Steven Mnuchin remarked last week that a reported $1.5 trillion in
2019-12-24 01:20 AM
Philippines SEC ‘can’t endorse’ ways to retrieve funds after Binance ban
Ezra Reguerra14 hours agoPhilippines SEC ‘can’t endorse’ ways to retrieve funds after Binance banSEC official Paolo Ong said that they’ve already given users three months and extended it a little to allow users t
2024-04-08 18:19 PM
Win a MASERATI MC Special Edition as Race-to-Earn Game ANTEFAME Celebrates MASERATI Partnership
Win a MASERATI MC Special Edition as Race-to-Earn Game ANTEFAME Celebrates MASERATI Partnership sponsored Start building your roster of rookies, vets, and rising drivers and be a pa
2022-02-17 23:00 PM
ONDO Faces 30% Correction Risk If It Loses $1.46 Support – Top Analyst
Este artículo también está disponible en español. Ondo Finance has faced significant challenges in recent weeks, with its price dropping over 30% from its all-time high o
2024-12-27 02:30 AM
BlackRock begins asset tokenization with launch of digital liquidity fund
Derek Andersen2 hours agoBlackRock begins asset tokenization with launch of digital liquidity fundThe world’s largest asset manager has taken “the next step forward” toward a single ledger, instantaneous settlement
2024-03-20 06:15 AM
Goldman Sachs Executes Bank’s First OTC Crypto Transaction Trading a Bitcoin Non-Deliverable Option
Goldman Sachs Executes Bank"s First OTC Crypto Transaction Trading a Bitcoin Non-Deliverable Option On Monday, the multinational investment bank and financial services company Gold
2022-03-22 03:30 AM
Wormhole Releases Solana and Ethereum NFT Bridge — A Bi-Directional Highway for Blockchain Collectibles
Wormhole Releases Solana and Ethereum NFT Bridge — A Bi-Directional Highway for Blockchain Collectibles Last Friday, blockchain project the Wormhole Network launched the protocol
2021-09-24 03:00 AM
Bitcoin, Ethereum Technical Analysis: BTC Below $17,000, as ETH Nears $1,200 Breakout
Bitcoin, Ethereum Technical Analysis: BTC Below $17,000, as ETH Nears $1,200 Breakout Bitcoin fell below $17,000 on Dec. 16, as bearish pressure continued to intensify following ye
2022-12-16 23:00 PM
Binance Sees Record Increase in Indian Users After Government Starts Imposing New Crypto Tax
Binance Sees Record Increase in Indian Users After Government Starts Imposing New Crypto Tax The number of Indian users on cryptocurrency exchange Binance has soared after the Indi
2022-09-15 12:30 PM
Tether Targets $500 Billion Valuation In New Equity Offering Amid US Expansion Plans
Reason to trust Strict editorial policy that focuses on accuracy, relevance, and impartiality Created by industry experts and meticulously reviewed The highest standards in reporting and pu
2025-09-24 07:43 AM
Vitalik Buterin opts for faster Ethereum, EIP-7732 gives hope
Josh O"Sullivan56 minutes agoVitalik Buterin opts for faster Ethereum, EIP-7732 gives hopeEIP-7732 aims to make things easier for Ethereum validators by splitting their tasks and creating a committee to check if transact
2024-07-04 17:03 PM